w3c / websub

WebSub Spec in Social Web Working Group

Home Page: https://w3c.github.io/websub/

Verify unsubscription intention even if there is no such subscription

marten-de-vries opened this issue

Should a hub verify an unsubscription request even if it doesn't know about a subscription with the topic url and callback url given by the request? Reading the spec that seems to be the case, but it seems like a bit of a waste.

Actually, is there any situation at all where a hub could respond with hub.mode=denied to an unsubscription request?

Thanks!

I don't think the spec suggests doing the verification request in this case:

> If (and when), the subscription is accepted, the hub must perform the verification of intent of the subscriber.

It's the "is accepted" text that would not be true for unsubscription requests for an unknown topic+callback URL.

Ah, ok.

> Hubs MAY decide to reject some callback URLs or topic URLs based on their own policies (e.g., domain authorization, topic URL port numbers). However, since verification and validation of intent are asynchronous steps that logically begin after the HTTP response has been returned, the HTTP response MUST NOT depend on the process or outcome of verification or validation.

made me think that that kind of check had to wait. But I guess I just need to practice more at reading specs. Thanks @aaronpk!
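
The reading reached in this thread, as an added example that is not part of the original issue or of any WebSub implementation: a hub applies policy checks synchronously, queues verification of intent only for requests it accepts, and skips verification for an unsubscribe whose topic+callback pair it does not know. The function names, the `ALLOWED_SCHEMES` policy, the default lease and the choice to answer 202 for the unknown pair are assumptions made for the sketch.

```python
import secrets
from urllib.parse import urlencode, urlsplit

ALLOWED_SCHEMES = {"http", "https"}  # hypothetical hub policy, checked synchronously


def handle_request(form, subs, queue):
    """Synchronous step: choose the HTTP status and queue verification if needed."""
    mode, topic, cb = form.get("hub.mode"), form.get("hub.topic"), form.get("hub.callback")
    if mode not in ("subscribe", "unsubscribe") or not topic or not cb:
        return 400
    if urlsplit(cb).scheme not in ALLOWED_SCHEMES:
        return 400  # policy rejection based on the request alone
    # Reading from the thread: an unsubscribe for an unknown pair is never
    # "accepted", so no verification is queued. The status is the same 202
    # either way (assumption), so it does not reveal whether the pair exists.
    if mode == "unsubscribe" and (topic, cb) not in subs:
        return 202
    queue.append((mode, topic, cb))
    return 202


def verification_url(mode, topic, cb, lease_seconds=86400):
    """Asynchronous step: build the GET the hub sends to the callback."""
    challenge = secrets.token_urlsafe(32)
    params = {"hub.mode": mode, "hub.topic": topic, "hub.challenge": challenge}
    if mode == "subscribe":
        params["hub.lease_seconds"] = str(lease_seconds)
    sep = "&" if urlsplit(cb).query else "?"
    return cb + sep + urlencode(params), challenge


def apply_verification(mode, topic, cb, status, body, challenge, subs):
    """Change state only if the subscriber echoed the challenge with a 2xx."""
    echoed = secrets.compare_digest(body.encode(), challenge.encode())
    ok = 200 <= status < 300 and echoed
    if ok and mode == "subscribe":
        subs.add((topic, cb))
    elif ok:
        subs.discard((topic, cb))
    return ok
```

Because state changes only in `apply_verification`, a third party that posts an unsubscribe for someone else's callback cannot remove the subscription unless that callback itself echoes the challenge.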